Posted by Jing Wang on Jan 22
*CVE-2014-9558 SmartCMS Multiple SQL Injection Security Vulnerabilities*
Exploit Title: Smartwebsites SmartCMS v.2 Multiple SQL Injection Security
Vulnerabilities
Product: SmartCMS v.2
Vendor: Smartwebsites
Vulnerable Versions: v.2
Tested Version: v.2
Advisory Publication: Jan 22, 2015
Latest Update: Jan 22, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an
SQL Command (‘SQL Injection’) (CWE-89)
CVE Reference:…